Google's Play Store is under constant attack from increasingly resourceful bad actors, and despite the search giant's best efforts to keep Android users worldwide protected from all kinds of threats to their most sensitive information, yet another malicious app has reportedly managed to wreak havoc of late.
What's the app and how concerned should you be?
Posing as an innocent and helpful "battery saver & phone booster", Fast Cleaner racked up over 50,000 installs before Google finally caught on to the app's real intentions. Thanks to a tactic as old as time, that injected a brand-new banking trojan into the Android devices of unsuspecting users across the old continent, aiming to steal credentials and intercept text messages and notifications without anyone ever noticing anything fishy.
The good news is "Xenomorph" was apparently uncovered in the "inphancy" stage of its development, which means some of its malicious capabilities were not actually operational when ThreatFabric conducted its analysis. In other words, this is probably a slightly less dangerous trojan than the aforementioned "Alien" or the widely reported "Joker" that's been circulating in different iterations for several years now.
The bad news is said capabilities could be enabled and expanded at any moment, both on devices currently running the Fast Cleaner app and via other innocuous-looking apps that have either not been published or discovered yet.
What can you do to steer clear of danger?
Obviously, the first thing to do is immediately uninstall Fast Cleaner if you made the mistake of trusting its "battery saver" and performance booster intentions to start with.
The Xenomorph malware is primarily going after European banks... at the moment.
To be perfectly clear, the malicious app analyzed by ThreatFabric was purportedly created by "ilzeeva4", which is probably not a real developer anyway, and you can no longer find this in the Play Store.
Alas, merely deleting the app may not be enough to rid yourself of the threat, as sneaky lines of code could be left behind to continue harvesting financial data. A good additional security measure would be to contact your bank or simply check your statements for unauthorized operations, and perhaps more importantly, frequently change your passwords, PIN numbers, and so on.
Recommended Stories
Two-factor authentication involving a second device, like a backup phone or a computer, is a great way to keep your money safe in general, and as far as malicious Android apps are concerned, remember to always check user ratings and avoid little-known titles and developers promising you features and functionalities that seem too good to be true.
This time, the specific targets of the credential-stealing operation included a grand total of 56 different banks from Europe only (and a bunch of additional cryptocurrency wallets and services), but the next threat could well span the entire world, so it's important to stay safe and follow our advice wherever you live and whatever Android device you use.
Adrian, a mobile technology enthusiast since the Nokia 3310 era, has been a dynamic presence in the tech journalism field, contributing to Android Authority, Digital Trends, and Pocketnow before joining PhoneArena in 2018. His expertise spans across various platforms, with a particular fondness for the diversity of the Android ecosystem. Despite the challenges of balancing full-time parenthood with his work, Adrian's passion for tech trends, running, and movies keeps him energized. His commitment to mid-range smartphones has led to an eclectic collection of devices, saved from personal bankruptcy by his preference for 'adequate' over 'overpriced'.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
![T-Mobile users can get iPhone 16 for the price of a budget phone (no new line) [UPDATED]](https://m-cdn.phonearena.com/images/article/167601-wide-two_350/T-Mobile-users-can-get-iPhone-16-for-the-price-of-a-budget-phone-no-new-line-UPDATED.jpg)
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: